Email Analyzer
Received a suspicious email? Paste the content and let AI identify scam patterns
Quick Answer
Quick answer: if an email pushes you to pay now, call back urgently, reset an account, share one-time codes, or connect a wallet, do not follow it yet. Preserve the message and headers first, then verify the domains, brand cues, and payment path.
Cross-Check the Evidence
Keep Checking the Other Objects Mentioned in the Email
Scam emails usually push you toward a website, phone number, company identity, or payment step. Check those objects one by one.
Website / Link
Check the Website or Landing Page
Use this for login pages, payment forms, password resets, and impersonation portals.
Phone Call
Check the Phone Number in the Email
If the message tells you to call support or security, verify that number next.
Company / Entity
Check the Company or Seller Identity
Use this for procurement, billing, hiring, and merchant identity checks.
Already Affected
Move Into the Victim Action Plan
If you already paid, opened the attachment, approved a login, or shared codes, move into the action plan.
Open the suspicious email → Select all text → Copy → Paste here
or paste a screenshot directly
Copy
Forward or copy the email body text
Paste
or paste a screenshot directly
Get Results
Paste the suspicious email content below
Common Email Scam Scenarios
If the message fits one of these common patterns, the matching guide is usually the fastest next step.
Payments / Invoices
PayPal Invoice or Payment Notice
Use this for fake invoices, unauthorized-payment notices, callback numbers, and payment-pressure emails.
Exchange Support
Binance Security Email or Fake Support
Useful for freeze notices, withdrawal restrictions, and verification-wallet instructions.
Account Restriction
Coinbase Restriction or Callback Email
Use this for account-restriction notices, suspicious-login emails, and test-transfer setups.
Store / Clearance
Amazon Clearance or Branded Store Email
Useful for branded clearance offers, stand-alone storefronts, and refund-risk scenarios.
Deep sender-authentication check
Upload the original email (.eml) for a real SPF / DKIM / DMARC check
Pasting the text shows what an email says. Uploading the original .eml file lets us cryptographically verify who really sent it — and catch a forged "From" address even when the message looks legitimate.
Drag and drop a .eml file or click to upload
Export the original message as .eml — up to 10MB
Frequently asked questions
What should I do first after receiving a suspicious email?
Do not click to verify anything first. Stop interacting, preserve the message, sender address, and any links, then use the ScamLens email analyzer and the relevant verification guides.
Can I trust an email just because the sender name looks familiar?
No. Display names are easy to fake. What matters is the landing domain, reply address, email headers, and whether the next step stays inside the official site or account you opened yourself.
What if the email mentions an invoice, account restriction, or security alert?
Treat those as high-risk scenarios. Go back to the official app or site you open yourself, then cross-check the domains, brand cues, and payment path through ScamLens.
What if I already clicked the link or replied to the email?
Stop interacting immediately, change the affected credentials, review whether money, codes, or wallet signatures were exposed, and move into victim-help or the relevant recovery guide.